//package xyz.xtgl.gateway.filter;
//
//import com.alibaba.fastjson.JSON;
//import common.core.util.EncryptUtil;
//import lombok.extern.slf4j.Slf4j;
//import org.springframework.cloud.gateway.filter.GatewayFilterChain;
//import org.springframework.cloud.gateway.filter.GlobalFilter;
//import org.springframework.core.Ordered;
//import org.springframework.http.server.reactive.ServerHttpRequest;
//import org.springframework.security.core.Authentication;
//import org.springframework.security.core.GrantedAuthority;
//import org.springframework.security.core.context.SecurityContextHolder;
//import org.springframework.security.oauth2.provider.OAuth2Authentication;
//import org.springframework.security.oauth2.provider.OAuth2Request;
//import org.springframework.stereotype.Component;
//import org.springframework.web.server.ServerWebExchange;
//import reactor.core.publisher.Mono;
//
//import java.util.ArrayList;
//import java.util.HashMap;
//import java.util.List;
//import java.util.Map;
//
///*
// * @author liubo
// * @created 2019-12-23 17:40
// **/
//@Slf4j
//@Component
//public class JwtTokenFilter implements GlobalFilter, Ordered {
//
//    /**
//     * 过滤器
//     * @param exchange
//     * @param chain
//     * @return
//     */
//    @Override
//    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
//        //String url = exchange.getRequest().getURI().getPath();
//        //跳过不需要验证的路径
//        //获取token
//        //String token = exchange.getRequest().getHeaders().getFirst("Authorization");
//        //ServerHttpResponse resp = exchange.getResponse();
//
//        //从安全上下文中拿 到用户身份对象
//        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
//        if(!(authentication instanceof OAuth2Authentication)){
//            return null;
//        }
//        OAuth2Authentication oAuth2Authentication = (OAuth2Authentication) authentication;
//        Authentication userAuthentication = oAuth2Authentication.getUserAuthentication();
//        //取出用户身份信息
//        String principal = userAuthentication.getName();
//        //取出用户权限
//        List<String> authorities = new ArrayList<>();
//        //从userAuthentication取出权限，放在authorities
//        userAuthentication.getAuthorities().stream().forEach(c->authorities.add(((GrantedAuthority) c).getAuthority()));
//
//        OAuth2Request oAuth2Request = oAuth2Authentication.getOAuth2Request();
//        Map<String, String> requestParameters = oAuth2Request.getRequestParameters();
//        Map<String,Object> jsonToken = new HashMap<>(requestParameters);
//        if(userAuthentication!=null){
//            jsonToken.put("principal",principal);
//            jsonToken.put("authorities",authorities);
//        }
//
//        //把身份信息和权限信息放在json中，加入http的header中,转发给微服务
//        ServerHttpRequest host = exchange.getRequest().mutate().header("json-token", EncryptUtil.encodeUTF8StringBase64(JSON.toJSONString(jsonToken))).build();
//        ServerWebExchange build = exchange.mutate().request(host).build();
//        return chain.filter(build);
//    }
//
//    @Override
//    public int getOrder() {
//        return -100;
//    }
//}
